Privacy Policy

Effective Date: July 5, 2025
Last Updated: February 24, 2026

1. Scope of This Privacy Policy


This Privacy Policy applies to:

  • Our website(s) and marketing pages

  • Demo requests, sales inquiries, and support interactions

  • Product accounts and users of AIdMD Services

  • AIdMD Insights Lite (including optional manual uploads)

  • AIdMD Insights Enterprise and AIdMD EHR, except as limited by applicable customer agreements and HIPAA obligations

Important HIPAA Notice

For protected health information (PHI) processed by AIdMD on behalf of healthcare providers, health systems, or other covered entities/business associates, AIdMD may act as a service provider / business associate and process PHI under applicable agreements (including Business Associate Agreements, where applicable) and customer instructions.

This Privacy Policy does not replace a healthcare provider’s Notice of Privacy Practices and does not govern PHI handled directly by your healthcare provider outside of our Services.


2. Information We Collect

We may collect the following categories of information, depending on how you use the Services.

A. Information You Provide to Us

  • Contact information (name, work email, phone number, organization)

  • Account information (username, password, role, profile details)

  • Communications (messages submitted through forms, support requests, emails)

  • Demo and sales information (practice size, use case, EHR environment, deployment needs)

  • Content you submit through the Services, including:

    • prompts/queries

    • uploaded files/documents

    • notes/drafts

    • configuration settings

  • AIdMD Insights Lite uploads (if you manually upload documents or patient context)

B. Product and Usage Information

  • Log and event data (IP address, browser type, device type, operating system)

  • Authentication and session data

  • Feature usage data (e.g., which tools are used, timestamps, performance metrics)

  • Error logs, diagnostics, and crash reports

  • Interaction data needed to provide and improve the Services

C. Clinical and Healthcare Data (Enterprise/EHR)

When our Services are used in clinical settings, we may process healthcare-related information, including PHI, as directed by our customers and subject to applicable agreements and law.

This may include:

  • patient demographics

  • encounter documentation

  • chart/context data

  • medications, allergies, labs, and clinical history

  • orders/referrals/follow-up content

  • clinician-generated notes and drafts

D. Cookies and Similar Technologies

We and our service providers may use cookies, pixels, local storage, and similar technologies to:

  • operate and secure the website

  • remember preferences

  • analyze website traffic and usage

  • improve performance

  • support marketing and campaign measurement (where permitted by law)

You can control cookies through your browser settings and, where applicable, our cookie consent tools.


3. How We Use Information

We may use information for the following purposes:

To Provide and Operate the Services

  • Create and manage accounts

  • Authenticate users and control access

  • Deliver product features (e.g., AI scribe, AI chat, insights, workflow actions)

  • Process inputs, uploads, and outputs

  • Integrate with customer systems (for AIdMD Insights Enterprise and AIdMD EHR)

To Support Customers and Respond to Requests

  • Respond to inquiries, demos, and support tickets

  • Troubleshoot issues

  • Provide onboarding and implementation assistance

To Improve, Maintain, and Secure the Services

  • Monitor performance and reliability

  • Detect, prevent, and investigate fraud, abuse, or security incidents

  • Debug errors and improve usability

  • Develop and improve product features and operational processes

To Communicate With You

  • Send service-related notices (security, maintenance, product updates)

  • Send administrative messages

  • Send marketing communications (where permitted by law and based on your preferences)

To Comply With Law and Enforce Rights

  • Meet legal, regulatory, and compliance obligations

  • Enforce our terms, agreements, and policies

  • Protect rights, safety, and security of AIdMD, our customers, users, and others


4. How We Disclose Information

We may disclose information in the following circumstances:

A. Service Providers and Vendors

We may share information with vendors that help us operate the Services, such as providers of:

  • cloud hosting and infrastructure

  • analytics and monitoring

  • customer support tools

  • communication tools

  • security services

  • implementation/integration support

These providers are authorized to process information only as needed to perform services for us and subject to contractual restrictions.

B. Customer Organizations (Enterprise/EHR)

If you use AIdMD through a healthcare organization, practice, or employer, certain information may be accessible to that organization and its authorized administrators and users, consistent with their role-based permissions and policies.

C. Integrations and Customer-Directed Disclosures

For AIdMD Insights Enterprise and AIdMD EHR, we may process and transmit data to/from customer-authorized systems (e.g., EHRs or other clinical systems) at the customer’s direction.

D. Legal and Safety Reasons

We may disclose information if required by law or if we reasonably believe disclosure is necessary to:

  • comply with legal process

  • respond to lawful requests from public authorities

  • protect rights, property, or safety

  • investigate fraud, abuse, or security incidents

E. Business Transfers

We may disclose information in connection with a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, subject to applicable confidentiality and legal obligations.


5. AI and Data Use

AIdMD provides AI-enabled features as part of the Services.

Clinical Oversight

AIdMD is designed to support clinicians and clinical workflows. Outputs may require clinician review and approval before use in documentation, actions, or orders.

PHI and Model Training

AIdMD does not use patient data or PHI to train public AI models.

If AIdMD uses de-identified, aggregated, or non-PHI data for product improvement, benchmarking, or analytics, we do so in accordance with applicable law, contracts, and technical/organizational safeguards.


6. Data Retention

We retain information for as long as necessary to:

  • provide the Services

  • fulfill the purposes described in this Privacy Policy

  • comply with legal obligations

  • resolve disputes and enforce agreements

Retention periods vary depending on:

  • the type of data

  • the product used (Lite / Enterprise / EHR)

  • customer contracts and instructions

  • legal and regulatory requirements

  • backup and security practices

Where applicable, we may delete or de-identify information when it is no longer needed.


7. Security

We implement administrative, technical, and physical safeguards designed to protect information, including measures such as:

  • encryption in transit and at rest (where applicable)

  • access controls and role-based permissions

  • logging and monitoring

  • secure development and operational practices

No system can guarantee absolute security. If you believe your account or data may be compromised, contact us immediately at admin@aidmd.com or contact@aidmd.com.


8. Your Choices and Rights

Depending on where you live and the nature of your relationship with AIdMD, you may have certain rights regarding personal information, such as the right to:

  • access

  • correct

  • delete

  • restrict or object to certain processing

  • request portability (where applicable)

  • opt out of marketing communications

Marketing Communications

You may opt out of marketing emails by using the unsubscribe link in our messages or by contacting us at privacy@aidmd.com. We may still send service-related communications.

Product/Clinical Data Requests

If your information is controlled by a healthcare provider, practice, or enterprise customer (including PHI), please direct your request to that organization first. We may assist our customers in responding to lawful requests as required by contract and law.


9. Cookies and Analytics Choices

You can manage cookies through your browser settings. If we use analytics or advertising cookies, we may provide additional controls through a cookie banner or settings tool where required by law.


10. Children’s Privacy

Our Services are intended for healthcare organizations, clinicians, and authorized users, and are not directed to children for independent use. We do not knowingly collect personal information directly from children in contexts where such collection is prohibited by law.


11. International Data Transfers

If you access the Services from outside the United States, your information may be processed in the United States or other jurisdictions where we or our service providers operate, subject to applicable safeguards and legal requirements.


12. Region-Specific Disclosures (Optional / Add as Applicable)

Depending on your audience, you may need additional disclosures for:

  • California (CCPA/CPRA)

  • Virginia / Colorado / Connecticut / Utah and other U.S. state privacy laws

  • EU/EEA / UK GDPR

  • Canada (PIPEDA / provincial laws)

If applicable, add a separate section describing:

  • categories of personal information collected/disclosed

  • legal bases for processing (GDPR)

  • rights request methods

  • appeal rights (where required)

  • data sale/share/targeted advertising disclosures (if applicable)

If you are not advertising to consumers and primarily serve B2B healthcare organizations, these sections may still be required for website visitors depending on your traffic and practices.


13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will update the “Last Updated” date and take additional steps as required by law (such as posting a notice or notifying users).


14. Contact Us

If you have questions about this Privacy Policy or our privacy practices, contact us at:

AIdMD Technologies, Inc.
1111b South Governors Avenue Suite 99824
Dover, DE, 19904, US
Email: info@aidmdusa.com
Security: admin@aidmdusa.com
Website: https://www.aidmdusa.com